ICT Analyst, Cybersecurity

at  United Nations Development Programme UNDP

Job Identification
21474
Locations
Bonn, Germany
Posting Date
10/22/2024, 04:31 AM
Apply Before
11/05/2024, 10:59 PM
Degree Level
Advanced/Postgraduate Degree
Job Schedule
Full time
Agency
UN Volunteers
Grade

APPLICANT INFORMATION ABOUT UNDP ROSTERS

Note: UNDP reserves the right to select one or more candidates from this vacancy announcement. We may also retain applications and consider candidates applying to this post for other similar positions with UNDP at the same grade level and with similar job description, experience and educational requirements.
Non-discrimination
UNDP has a zero-tolerance policy towards sexual exploitation and misconduct, sexual harassment, and abuse of authority. All selected candidates will, therefore, undergo rigorous reference and background checks, and will be expected to adhere to these standards and principles.
UNDP is an equal opportunity and inclusive employer that does not discriminate based on race, sex, gender identity, religion, nationality, ethnic origin, sexual orientation, disability, pregnancy, age, language, social origin or other status.
Scam warning
The United Nations does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it. Furthermore, please note that emblems, logos, names and addresses are easily copied and reproduced. Therefore, you are advised to apply particular care when submitting personal information on the web

Under the Supervision of the Team Leader ICT Infrastructure, the ICT Analyst, Cybersecurity is responsible for comprehensive incident handling in accordance with policy and guidelines which includes how incidents are defined, reported, verified, tracked, contained, and recovered. Specifically, the incumbent will be involved in the following duties:

• Developing solutions to automate cybersecurity tasks.
• Maintaining a variety of cloud-native security solutions, including but not limited to: Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), develop automation pipelines and custom scripts to reduce manual labor and minimize human error.
• Monitoring and evaluating events, alerts, and notifications from the cyber security infrastructure for indications of suspicious/unauthorized activity.
• Responding to detected or reported cyber security incidents.
• Monitoring vendor and industry alerts, warnings, and security advisories, and follow up with appropriate system and service owners within the organization to ensure that corresponding risks are mitigated.
• Promoting security best practices and plan security awareness trainings.
• Collaborate with development teams to integrate security best practices into all phases of the SDLC.
• Conduct security risk assessments, code reviews, and vulnerability assessments for UNV applications.
• Develop (where not exist) and enforce UNDP security policies, standards, training and guidelines for team members and staff.
• Perform threat modeling and security architecture reviews to identify potential risks.
• Coordinate vulnerability scans with provider(s).
• Coordinate “Red Teaming” exercises with all stakeholders.
• Ensure incident response readiness for all UNV services.
• Lead initiatives to improve overall UNV Cybersecurity posture, including automation of security testing.
• Keep an update inventory of UNV digital assets and make sure all measures are taken to make them available to legitimate authorized users and untampered with (Availability, Confidentiality, Integrity).
• Coach Application owners, Data owners, and Service owners on Backup and restore procedures and business continuity measures.
• Work closely with UNDP security team to implement ISO27001/2 Information Management certification for UNV